AT-4: Training Records

From NIST's SP800-53:

a. Document and monitor information security and privacy training activities, including security and privacy awareness training and specific role-based security and privacy training; and b. Retain individual training records for [Assignment: organization-defined time period].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph